NOD32 4.2 LZH PoC exploit

Discussion in 'ESET NOD32 Antivirus' started by PhoenixUA, May 9, 2010.

Thread Status:
Not open for further replies.
  1. PhoenixUA

    PhoenixUA Registered Member

    Joined:
    Jul 16, 2008
    Posts:
    13
    http://securityreason.com/exploitalert/8213

    # ESET Smart Security 4.2 and NOD32 Antivirus 4.2 (x32-x64)
    # LZH archive parsing PoC exploit.
    #
    # Scanning of malicious file causes heap corruption in context
    # of the service process (ekrn.exe).

    When will be update?
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    do you think they bothered to notify Eset of it before going public? That would be a responsible thing to do to protect the public
     
  3. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,031
    Location:
    California
    Hello,

    A fix was issued around 12:30PM (PDT) on May 7, 2010 as a part of archive module 1114.

    I am not sure how notification was made, but tt is possible the person who found the issue contacted a reseller or distributor instead of ESET directly.

    Regards,

    Aryeh Goretsky
     
Thread Status:
Not open for further replies.